Bluetooth Specification v1.0B, Baseband Specification, describes in detail the security measures that are used in a Bluetooth transceiver device to ensure trusted low power radio frequency (LPRF) wireless communication.
The security measures include an authentication procedure and encryption.
The authentication procedure involves a challenge-response scheme in which it is verified that a claimant device shares a secret with a verifier device before the verifier device allows communication with the claimant device. The claimant's knowledge of the secret is checked using symmetric processes in both devices.
First, the verifier receives the claimant's Bluetooth address (BD_ADDR). The BD_ADDR is a 48-bit IEEE address which is unique for each device. Bluetooth addresses are publicly known and can be obtained via the man-machine interface (MMI) of the claimant or automatically, via an inquiry routine initiated by the verifier.
A random number RAND is generated in the verifier and transmitted from the verifier to the claimant.
In the verifier, the following inputs are provided to an algorithm: RAND (verifier), BD_ADDR (claimant), link key (shared). The RAND (verifier) is the random number generated in the verifier. The BD_ADDR (claimant) is the BD_ADDR of the claimant. The link key (shared) is a shared secret key. The algorithm produces an output SRES.
In the claimant a symmetric process occurs, in which the same inputs are provided to the same algorithm: RAND (verifier), BD_ADDR (claimant), link key (shared). The RAND (verifier) is the random number generated and sent by the verifier. The BD_ADDR (claimant) is the BD_ADDR of the claimant. The link key (shared) is a shared secret key. The algorithm E produces an output SRES.
The output SRES from the claimant is sent to the verifier. If it matches the SRES produced in the verifier, then the claimant and verifier share the same secret (link key) and the claimant is authenticated.
When two devices do not have a common link key, a secret initialization key is created based on a secret PIN and a random number. A random number RAND is generated in the verifier and sent from the verifier to the claimant.
The verifier receives or has received the claimant's Bluetooth address (BD_ADDR), for example via an inquiry routine initiated by the verifier.
A symmetric operation occurs in the verifier and the claimant. An algorithm receives as inputs: a PIN (shared), BD_ADDR (claimant), RAND (verifier) and produces as an output the initialization link key (Kinit). The RAND (verifier) is the random number generated by the verifier. The BD_ADDR (claimant) is the BD_ADDR of the claimant. The PIN (shared) is a shared secret.
The PIN code can be a fixed number provided with the Bluetooth device or may be selected arbitrarily by the user, and then entered in both the verifier and claimant. Using an arbitrary PIN is more secure than using a fixed PIN.
The secure sharing of a PIN code is therefore important for security.
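The two procedures described above (initialization key from PIN, BD_ADDR and RAND, then the RAND/SRES challenge-response) can be followed end to end in the sketch below. It is an added example, not code from the specification: HMAC-SHA256 stands in for the Bluetooth algorithms, and the function names, the 16-byte RAND, the 4-byte SRES and the sample address are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def _prf(key: bytes, *parts: bytes) -> bytes:
    # Stand-in keyed function (HMAC-SHA256), NOT the Bluetooth algorithm.
    # Each part is length-prefixed so inputs cannot run into each other.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_kinit(pin: bytes, bd_addr: bytes, rand: bytes) -> bytes:
    """Kinit from PIN (shared), BD_ADDR (claimant), RAND (verifier)."""
    return _prf(pin, b"kinit", bd_addr, rand)[:16]

def compute_sres(link_key: bytes, bd_addr: bytes, rand: bytes) -> bytes:
    """SRES from link key (shared), BD_ADDR (claimant), RAND (verifier)."""
    return _prf(link_key, b"sres", bd_addr, rand)[:4]

class Verifier:
    def __init__(self, link_key: bytes, claimant_addr: bytes):
        self.link_key, self.claimant_addr = link_key, claimant_addr
        self._rand = None

    def challenge(self) -> bytes:
        self._rand = secrets.token_bytes(16)  # fresh RAND per attempt
        return self._rand                     # sent verifier -> claimant

    def verify(self, sres: bytes) -> bool:
        if self._rand is None:                # no outstanding challenge
            return False
        expected = compute_sres(self.link_key, self.claimant_addr, self._rand)
        self._rand = None                     # a RAND is accepted only once
        return hmac.compare_digest(expected, sres)  # constant-time compare

class Claimant:
    def __init__(self, link_key: bytes, bd_addr: bytes):
        self.link_key, self.bd_addr = link_key, bd_addr

    def respond(self, rand: bytes) -> bytes:
        return compute_sres(self.link_key, self.bd_addr, rand)  # sent back

def pair_and_authenticate(verifier_pin: bytes, claimant_pin: bytes,
                          bd_addr: bytes) -> bool:
    init_rand = secrets.token_bytes(16)       # RAND used for Kinit
    v = Verifier(derive_kinit(verifier_pin, bd_addr, init_rand), bd_addr)
    c = Claimant(derive_kinit(claimant_pin, bd_addr, init_rand), bd_addr)
    return v.verify(c.respond(v.challenge()))

SAMPLE_ADDR = bytes.fromhex("001122334455")   # constructed 48-bit address
```

Only RAND, BD_ADDR and SRES cross the link in this exchange; the PIN and the keys derived from it never do, which is why the secrecy of the PIN carries the security of the initialization key.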